Latest News

Information Commissioner to get New Powers Information Commissioner to get New Powers
Protecting Your Business Interests Protecting Your Business Interests
HSE 10 Point Health and Safety Compliance Plan HSE 10 Point Health and Safety Compliance Plan
Landlord Successful in Opposing Assignment to New Company Landlord Successful in Opposing Assignment to New Company
Landlord Fails in Hope Value Claim Landlord Fails in Hope Value Claim
Database Extraction Clarified Database Extraction Clarified
Suitable Alternative Employment and Redundancy Suitable Alternative Employment and Redundancy
IP Case Sounds Warning IP Case Sounds Warning
If it isn't in the Documentation If it isn't in the Documentation
TUPE - Split Service Provision After Transfer TUPE - Split Service Provision After Transfer

Dealing With Subject Access Requests

The Data Protection Act 1998 gives individuals the right to access information held about them by organisations. The Act governs how organisations can use the personal information they hold – including how they acquire, store, share or dispose of it.

The Information Commissioner’s Office has published guidance  on how to deal with requests (called ‘subject access requests’) from individuals for information held about them.

The advice distinguishes between requests that can be treated as part of normal business practice and those that should be dealt with formally under the Act.

If the request can be treated as a routine enquiry, rather than a formal subject access request, it often makes sense to do so. The guidance includes examples of the sort of requests for information that should be handled in this way. 

The contents of this article are intended for general information purposes only and shall not be deemed to be, or constitute legal advice. We cannot accept responsibility for any loss as a result of acts or omissions taken in respect of this article.